On Thu, Jul 3, 2008 at 5:06 PM, Res <[EMAIL PROTECTED]> wrote:
> On Wed, 2 Jul 2008, Michel wrote:
>
>>
>>> how the hell is the MTA to know what is genuine Email and what is not,
>>
>> that's the point, it does not and does not need to as well as SM does not
>> need to
>> check if a correct user/p
Thanks for all the suggestions.
Paul.
P.A > -Original Message-
P.A > From: [EMAIL PROTECTED]
P.A > [mailto:[EMAIL PROTECTED] On Behalf Of
P.A > John Fawcett
P.A > Sent: Thursday, July 03, 2008 1:57 AM
P.A > To: Squirrelmail User Support Mailing List
P.A > Subject: Re: [SM-USERS] squirrelm
On Jul 3, 2008, at 7:25 AM, Nabin Limbu wrote:
> - All exploited accounts preference were changed (Name, email, reply
> address)
> - All exploited accounts were forced to use signature and multiple
> signatures were full of spam messages with filename in this pattern
> username.si1 username.si2
I had the same issue of spamming via my squirrelmail few days ago.
Suddenly, I found large queued mails on my mail server authenticated via
squirrelmail. Below are things that I found after a short analysis
- All exploited accounts had same username and password. I don't how did
they find all the
